Supported Resource-Level
Permissions for Amazon ECS API Actions

The term Resource-level permissions refers to the ability to
specify which resources users are allowed to perform actions on. Amazon ECS has partial
support for resource-level permissions. This means that for certain Amazon ECS actions,
you
can control when users are allowed to use those actions based on conditions that have
to
be fulfilled, or specific resources that users are allowed to use. For example, you
can
grant users permission to launch instances, but only of a specific type, and only
using
a specific AMI.

The following table describes the Amazon ECS API actions that currently support
resource-level permissions, as well as the supported resources, resource ARNs, and
condition keys for each action.

Important

If an Amazon ECS API action is not listed in this table, then it does not support
resource-level permissions. If an Amazon ECS API action does not support resource-level
permissions, you can grant users permission to use the action, but you have to
specify a * for the resource element of your policy
statement.